This course introduces cryptography, focusing on information systems security issues, and mechanisms and devices to address these issues. Also examined are cryptosystems, algorithms and certificates. Students gain applications-oriented experience in developing and implementing several cryptography applications or algorithms. Access controls are presented as a collection of security mechanisms that work together to protect information system assets. Students also complete lab assignments and a term project.
- Understand the need for cryptography and its management implications. Included is a close examination of symmetric-key cryptography and symmetric-key management. Current applications, advantages, and limitations are evaluated in real-world settings.
- Learn, evaluate, and apply the current public-key cryptography techniques. Included are the public-key cryptography algorithms from dominant sources, such as RSA, DH, and ECDH (Elliptic Curve Diffie-Hellman). Understand and manage the real-world events associated with key distribution, key protection, and trusted third parties.
- Learn and apply digital signature technology in the current messaging environment. Extend this knowledge to key protection, key recovery, certificates, and encryption algorithms.
- Learn, evaluate, and apply the standards for Public-Key Infrastructures (PKI). Focus is given to PKI authorities, protocols, key architecture, and trust models.
- Evaluate and apply security protocols at the network and transport levels. Special attention is given to SSL (Secure Sockets Layer), database security, Internet key exchange, and handshaking. Additionally, application layer security is evaluated through the use of S/MIME (Secure/Multipurpose Internet Mail Extensions) and SET (Secure Electronic Transaction).
- Learn how specialized hardware can be integrated with advanced software cryptography. Special focus is given to current hardware, such as Smart Cards, JavaCards, and Biometrics. The offers from dominant vendors are evaluated. Additionally, the legal environment is also explored with respect to security hardware and software.
- Compare, contrast, and evaluate real-world solutions that have advanced this science. Special focus is given to learning from past mistakes, as well as current achievements.